cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
95,059 Commits 1 Branch 0 Tags 544 MiB
4838e46405
Commit Graph

3740 Commits

Author SHA1 Message Date
brad
6a161ec20d Update to Botan 1.10.8. 
ok sthen@
 2014-04-14 22:37:07 +00:00
jturner
27e962c10f Fix issues due to undefined symbol '__guard_local' by linking with 
${CC}. Original diff from Henrik Friedrichsen <henrik at diff dot cc>.
Tweaks from me and juanfra@.

ok juanfra@
 2014-04-14 01:20:10 +00:00
benoit
8878af182f Update py-pefile to 1.2.10-139. 
ok rpointel@ (maintainer)
 2014-04-13 07:06:26 +00:00
naddy
2b8930a283 Drop USE_GROFF since groff and mandoc produce identical output. 2014-04-13 01:01:38 +00:00
ajacoutot
495965f924 Bugfix update to gnutls-3.2.13. 2014-04-08 12:28:48 +00:00
naddy
0f88ce9cc8 add another semi-portable alternative to work around our lack of sum(1) 2014-04-03 15:13:19 +00:00
sthen
6e21013420 switch to separate vpnc-scripts package; ok rpe@ 2014-04-01 11:40:27 +00:00
sthen
063d394c04 switch from p5-Mozilla-CA to p5-Mozilla-CA-Fake 2014-03-30 19:28:02 +00:00
sthen
111ce6ccc6 Import security/p5-Mozilla-CA-Fake, an alternative to CPAN's Mozilla::CA but 
rather than bundling an old copy of Mozilla certs, this just points to the
system /etc/ssl/cert.pem. OK on earlier version and tweaks nigel@
 2014-03-30 19:27:31 +00:00
dcoppa
618dbc0c88 Update to ccid-1.4.16 2014-03-27 13:55:43 +00:00
sthen
ff5896063c remove bogus timestamp-checking code resulting in spurious failures 2014-03-27 13:52:30 +00:00
naddy
dd96da4ac9 Drop USE_GROFF since groff and mandoc produce identical output. 2014-03-27 12:07:59 +00:00
ajacoutot
d4d4db0455 Sync WANTLIB. 2014-03-26 18:17:49 +00:00
gonzalo
c88fe5026a This is an update for jailkit to 2.17, is a minor bugfix release, allows 
jk_chrootsh to be called -su, it improves argument handling and error messages, and
makes jk_cp honor the -j option again.

Also remove maintainer.

Tested on powerpc@ and amd64@

OK sebastia@ (EX-Maintainer ;)
 2014-03-26 17:38:27 +00:00
sthen
738d7e71d2 update to oath-toolkit 2.4.1 2014-03-26 14:17:53 +00:00
espie
38f56a042e replace MAINTAINER address with currently valid address, bump REVISIONS. 
okay maintainer
 2014-03-25 21:20:39 +00:00
ajacoutot
df8d1135fc Forgot @pkgpath in previous. 2014-03-25 12:33:31 +00:00
ajacoutot
e916ea18fd -sshguard,tcpd 2014-03-25 12:32:10 +00:00
ajacoutot
73a7684a80 Drop the tcpd FLAVOR. 
ok sthen@
 2014-03-25 12:31:50 +00:00
dcoppa
03e0bb9161 Disable libwrap support. 
Ok gsoares@ (maintainer)
 2014-03-24 21:44:09 +00:00
dcoppa
5c51c99534 Disable tcp wrappers 2014-03-24 14:39:23 +00:00
ajacoutot
114d6c63ac Update to cvechecker-3.5. 2014-03-24 12:47:55 +00:00
kili
eb17bd6c23 Don't try to link against librt. 
ok dcoppa@
 2014-03-23 20:02:14 +00:00
jasper
a53a456a6c update to p5-Crypt-DSA-1.17 2014-03-22 10:22:36 +00:00
jasper
5295ffcbf6 don't bother running pod2man on a .pod file which won't build with perl 5.18, 
and then end up not installing it anyway.
 2014-03-21 12:26:18 +00:00
jasper
ad3fcc413e unbreak with perl 5.18, patch taken from 0.46. 2014-03-21 12:05:29 +00:00
jasper
f40af640e9 update to p5-Crypt-DH-0.07 2014-03-20 20:36:00 +00:00
gsoares
f14b418692 update to 0.5 
from Henrik Friedrichsen < henrik at diff dot cc >
 2014-03-20 19:21:00 +00:00
jasper
3ea3febc52 remove m68k-related workarounds 2014-03-19 13:40:59 +00:00
sthen
2a8dd838e1 build py-bcrypt,python3 2014-03-19 11:16:16 +00:00
sthen
e99b9c3602 SECURITY update to py-bcrypt 0.4, from Francisco de Borja Lopez Rio 
- while there, fix WANTLIB and enable python 3 support; by me

Fix concurrency bug reported by Alan Fairless of spideroak.com:
Multiple threads may hash into the same memory area simultaneously.
This may manifest as occasional random authentication failures (as
user-a's password hash is compared to user-b's), but could potentially
be used to bypass password checking by an attacker (user-a attempts
login on user-b's account, while simultaneously flooding auth requests
against user-a's account to overwrite the hash).
 2014-03-19 11:15:56 +00:00
jasper
c29ba2e8b4 Crypt-Twofish-2.17 2014-03-19 07:23:57 +00:00
jasper
65f0c72501 update to Crypt-Blowfish-2.14 2014-03-19 07:23:45 +00:00
jasper
d48fc4e12f update to Crypt-DES-2.07 2014-03-18 23:13:33 +00:00
dcoppa
0c9ddb5974 Update to wpa_supplicant-2.1. 
Tested by pascal@ and Gregor Best

OK sthen@ (maintainer)
 2014-03-18 05:57:22 +00:00
sthen
4291ce340c SECURITY update to stunnel 5.00, fixes an issue similar to libssh and 
postgresql where a forked child process doesn't correctly reset RNG state.
See CVE-2014-0016, http://www.openwall.com/lists/oss-security/2014/03/05/1

ok gsoares@

Note from upstream release notes:

"stunnel 5.00 disables some features previously enabled by default.
Users should review whether the new defaults are appropriate for their
particular deployments."

These changes include: FIPS mode, pid file generation and
libwrap disabled by default, and the default cipher list has
been updated to "HIGH:MEDIUM:+3DES:+DH:!aNULL:!SSLv2".
 2014-03-17 13:03:11 +00:00
ajacoutot
00688c41d5 unbound is in base, tweak comment. 2014-03-16 15:53:25 +00:00
benoit
e9999b3ac8 Update to clusterssh 4.02.03. 
from Daniel Levai, maintainer timeout
 2014-03-16 08:54:34 +00:00
benoit
d3611ded33 +libscrypt 2014-03-15 14:01:46 +00:00
benoit
4818484737 Import libscrypt. 
Shared library that implements the scrypt key derivation function.

from maintainer Daniel Levai, ok sthen@
 2014-03-15 13:37:18 +00:00
ajacoutot
94f4ad8215 Be safe and explicitely set --with-default-trust-store-file. 2014-03-14 17:42:59 +00:00
rpointel
2b0f480bc9 update to 0.6.3 
security fix: http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0017
 2014-03-14 10:17:17 +00:00
benoit
361fe78037 Update to py-ecdsa 0.11. 2014-03-12 21:01:56 +00:00
dcoppa
e83874182f Use sthen's mirror due to problems with SPI's certificate 2014-03-12 13:43:09 +00:00
dcoppa
38b21609db Update to pcsc-lite-1.8.11 2014-03-12 08:37:49 +00:00
benoit
96725a0b54 Update to pdfcrack 0.13. 2014-03-11 17:28:47 +00:00
benoit
864f605fc2 Update to pdfcrack 0.12. 2014-03-10 21:15:36 +00:00
benoit
1d0c7965eb Update to py-paramiko 1.12.2. 2014-03-10 20:56:17 +00:00
rpe
691dc3214a add py-keyczar 2014-03-09 23:49:08 +00:00
rpe
5c8f797c2f add py-keyczar 0.71c which is a dependecy for ansible 1.5 
Keyczar is an open source cryptographic toolkit designed to make
it easier and safer for developers to use cryptography in their
applications. Keyczar supports authentication and encryption with
both symmetric and asymmetric keys.

with feedback and OK sthen@
 2014-03-09 23:44:51 +00:00
brad
accc4f1e17 Update to Botan 1.10.7. 
ok sthen@
 2014-03-09 22:47:50 +00:00
brad
b32a963827 Enable ASM bits. 
ok sthen@
 2014-03-09 22:32:48 +00:00
ajacoutot
6b8f98992b SECURITY update to gnutls-3.2.12.1. 2014-03-09 22:08:50 +00:00
rpointel
b7c8c3cb76 Update libssh to 0.6.0. 2014-03-09 20:41:14 +00:00
jasper
e4f387b9be add patch from gnupg to silence the "using insecure memory" warning 
when swap is encrypted.
 2014-03-09 20:02:37 +00:00
sthen
d9d2cb6132 Pull in an upstream commit to GnuTLS fixing a certificate validation 
issue: https://www.gitorious.org/gnutls/gnutls/commit/855127da290

ok naddy@ espie@ jasper@ jca@
 2014-03-04 15:09:36 +00:00
ajacoutot
4fea671524 SECURITY fix for CVE-2014-1959. 
ok sthen@ jasper@
 2014-02-14 09:07:30 +00:00
bluhm
6e74d6b1e7 update p5-IO-Socket-SSL to 1.967 2014-02-09 00:22:27 +00:00
ajacoutot
30cab56355 Update to gnutls-3.2.10. 2014-02-07 09:04:41 +00:00
ajacoutot
aee2aaef34 Update to libgcrypt-1.6.1. 2014-02-07 08:57:44 +00:00
brad
13eda42368 Add the missing Blowfish ARM assembly code which due to a mistake 
with the Makefile was left out of the release tarball.

Build issue with ARM and suggested patch by
Guenther Niess <niess at cs dot uni-potsdam dot de>

ok dcoppa@
 2014-01-28 00:23:11 +00:00
ajacoutot
41ecc33bea Update to p11-kit-0.20.2. 2014-01-27 17:57:32 +00:00
kirby
b468817ea1 - switch from MESSAGE to README 
- drop USE_GROFF=Yes
 - regen distinfo
 2014-01-27 15:49:15 +00:00
espie
80b8aa04a3 iick, passwd directly in binary file 2014-01-25 13:18:04 +00:00
ajacoutot
6e844e9985 Better comment; no pkg change. 2014-01-24 22:20:30 +00:00
landry
066c861585 I shipped you some documentation but i chmod'ed it 600 so that you cant 
read it :(
 2014-01-24 21:56:18 +00:00
ajacoutot
c4bfb7e5f7 Update to gnutls-3.2.9. 2014-01-24 21:21:47 +00:00
landry
74da5e8595 What's the point of installing binaries with mode 700.. really. 
While here add some free patches including prototypes for exit() &
memcpy(). Anyone really using this ?
 2014-01-24 21:00:43 +00:00
bluhm
428aac2246 update p5-IO-Socket-SSL to 1.966 2014-01-22 08:30:49 +00:00
syl
271ab4db1d encfs does not need all these patches anymore. 
OK ajacoutot@
 2014-01-21 15:41:27 +00:00
ajacoutot
d4efdbbb5c Set @mode explicitely. 2014-01-19 09:54:18 +00:00
bluhm
007c2522e7 update p5-IO-Socket-SSL to 1.965 2014-01-18 11:57:37 +00:00
bluhm
2bba9a5fb2 update p5-Net-SSLGlue to 1.052 2014-01-18 10:14:06 +00:00
jasper
1ba225c59d import ruby-akami 
Gem to build Secure Web Services.

ok aja@
 2014-01-18 09:29:13 +00:00
jasper
7deb7ed1a7 sync 2014-01-18 09:26:59 +00:00
bluhm
a39e00cc08 - update p5-Net-SSLeay to 1.58 
- remove patch, it has been commited upstream
 2014-01-18 02:29:05 +00:00
stsp
81bd87bb9b +encfs 2014-01-17 13:30:49 +00:00
ajacoutot
ef0ba3806f PERMIT_PACKAGE_CDROM is enough. 2014-01-17 10:16:07 +00:00
stsp
aa3120f1b6 Port of encfs, an encrypted filesystem based on FUSE and OpenSSL. 
With lots of help and patches from syl@.
 2014-01-17 10:10:58 +00:00
jasper
2198b4cff5 - update to clamav-0.98.1 
ok sthen@ (MAINTAINER)
 2014-01-15 13:06:47 +00:00
jeremy
7aa034e95f Bump ruby gem ext ports after change to WANTLIB in ruby.port.mk 2014-01-15 02:13:57 +00:00
jeremy
5d15fd9555 Remove MODRUBY_WANTLIB_m use. 2014-01-15 02:03:53 +00:00
bluhm
f5c80ef1e8 - update p5-Net-SSLeay to 1.57 
- fix strlen() size check bug, already commited upstream
 2014-01-14 19:53:58 +00:00
bluhm
e9f8d8e632 update p5-IO-Socket-SSL to 1.963 2014-01-14 19:32:11 +00:00
dcoppa
f8f954088e New homepage. 2014-01-13 09:03:21 +00:00
bluhm
df90e3589a update p5-Net-SSLGlue to 1.051 2014-01-12 23:49:09 +00:00
benoit
279136c1b2 Update to py-paramiko 1.12.1. 2014-01-12 11:02:11 +00:00
jeremy
56a9cca512 Build ruby21-* packages for ruby gem ports with C extensions. 2014-01-11 22:56:03 +00:00
jeremy
dca4d5c9a8 Remove extension source directory from package so that ruby21 FLAVOR 
packages.
 2014-01-11 22:51:01 +00:00
sthen
f7363ec34c update to yubikey-personalization-gui-3.1.14, minor gui fix to confirmation box 2014-01-11 14:39:45 +00:00
sthen
026133ccb7 minor update to yubikey-personalization-gui-3.1.13 2014-01-10 15:40:22 +00:00
landry
559f7b8b5e Update to nss 3.15.4, needed by gecko 27. 
Contains a fix for (CVE-2013-1740): When false start is enabled, libssl
will sometimes return unencrypted, unauthenticated data from PR_Recv
(https://bugzilla.mozilla.org/show_bug.cgi?id=919877)

See https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes
 2014-01-09 20:09:44 +00:00
sthen
83283f6689 missing @newgroup 2014-01-08 22:01:36 +00:00
ajacoutot
4cfe12ac54 Tweak comment; no pkg change. 2014-01-06 08:50:47 +00:00
jasper
4b16ae46ce use ${MODPY_WANTLIB} and regen WANTLIB while here 2014-01-04 21:20:53 +00:00
ajacoutot
9e8850350e Update to libgcrypt-1.6.0. 
tested in a bulk by landry@, thanks.
 2014-01-04 08:54:21 +00:00
gsoares
3bb2993c2f missing RCS id. 2014-01-03 20:20:58 +00:00
ajacoutot
5c530d1205 Update to libtasn1-3.4. 2014-01-03 06:43:06 +00:00
ajacoutot
a545c8ff15 Fix HOMEPAGE. 2014-01-03 06:39:57 +00:00
naddy
611dc52f1c Drop USE_GROFF since groff and mandoc produce identical output. 2014-01-01 20:46:27 +00:00
sthen
98d1a871be update to yubikey-personalization-gui-3.1.12 2013-12-30 23:05:53 +00:00
brad
8ad08a32d3 Update to Botan 1.10.6. 
ok sthen@
 2013-12-24 14:39:56 +00:00
jca
2594d8a54c Update to kc-2.3.2, from maintainer Levai Daniel. Drop the run-deps on 
p5-HTML-Parser which is only needed to run the pwsafe converter, and
document that in the README.  Remove redundant TEST_TARGET while here.
ok sthen@
 2013-12-24 12:56:19 +00:00
ajacoutot
6a9cff9737 Update to gnutls-3.2.8. 2013-12-20 21:50:58 +00:00
pea
f444d84906 Security update to 1.4.16 (CVE-2013-4576) 
ok jca@, brad@
 2013-12-19 21:22:30 +00:00
sthen
5ba5552acd update to Digest::HMAC 1.03, from david hill, ok maintainer 2013-12-18 12:31:58 +00:00
dcoppa
999f401f9b Update to IO-Socket-SSL-1.962 
OK bluhm@
 2013-12-17 08:14:35 +00:00
dcoppa
7e762280c0 Update to dante-1.4.0 2013-12-12 14:11:36 +00:00
landry
575289e06c SECURITY update to nss 3.15.3.1. 
Bug 946351 - Misissued Google certificates from DCSSI
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3.1_release_notes
 2013-12-10 11:17:05 +00:00
ajacoutot
72e1ffed67 Update to gnutls-3.2.7. 2013-12-08 08:31:45 +00:00
naddy
1b01d564f5 Remove parse. Old cruft, doesn't seem to work on LP64, the port 
hasn't been touched in its 13-year existence except for mechanical
changes.  ok jca@, lteo@
 2013-12-07 19:55:34 +00:00
naddy
c99e504674 remove -lcompat, which wasn't even needed 2013-12-06 19:32:53 +00:00
jca
b1043a15b0 Don't include <sys/timeb.h> (#ifdef _OpenBSD_ code). 2013-12-06 11:54:48 +00:00
jca
8dfc971e23 Regen patches. 2013-12-06 11:53:05 +00:00
jca
d7c2968222 Don't include <sys/timeb.h>. 2013-12-06 11:27:18 +00:00
dcoppa
9c43ceea81 Update to ccid-1.4.14 2013-12-06 06:35:34 +00:00
naddy
69c5b7d81d code shared with unzip: timeb was already obsolete on 4.4BSD 2013-12-04 21:10:32 +00:00
espie
80546a87fd remove redundancies with new filename{url}sufx scheme 2013-12-02 16:25:08 +00:00
jca
0c8e344795 Regen patches and distinfo. 2013-11-30 20:47:49 +00:00
jca
9a5947d8d9 #ifdefs to avoid using stty/gtty and including sgtty.h. 
This removes the need for libcompat.
Remove USE_GROFF while here, as requested by naddy.
ok naddy@
 2013-11-30 20:31:49 +00:00
sthen
7f88db390f fix homepage, reported by Ross L Richardson 2013-11-29 11:47:09 +00:00
sthen
deb5eeeef9 +sslsplit 2013-11-28 16:49:37 +00:00
sthen
5ef763bbca import ports/security/sslsplit, ok zhuk@ 
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS
encrypted network connections. Connections are transparently intercepted
through a firewall/network address translation engine and redirected to
SSLsplit.

SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to
the original destination address, while logging all data transmitted.
SSLsplit is intended to be useful for network forensics and penetration
testing.

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over
both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates
and signs forged X509v3 certificates on-the-fly, based on the original
server certificate subject DN and subjectAltName extension. SSLsplit
fully supports Server Name Indication (SNI) and is able to work with
RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. SSLsplit can
also use existing certificates of which the private key is available,
instead of generating forged ones. SSLsplit supports NULL-prefix CN
certificates and can deny OCSP requests in a generic way. SSLsplit
removes HPKP response headers in order to prevent public key pinning.
 2013-11-28 16:49:10 +00:00
kirby
3034c5092d - switch to new MASTER_SITES and DISTFILE 
- correct license
 - documentation cleanup
 - switch from MESSAGE to README
OK sthen@
 2013-11-28 10:54:09 +00:00
sthen
c4b331405d no point patching a file that is already in ${FILESDIR} 2013-11-26 19:46:52 +00:00
sthen
ed380335ee include if_var.h to unbreak 2013-11-25 22:23:18 +00:00
sthen
4ca51fa0b8 fix following if header changes, from mikeb 2013-11-25 14:38:01 +00:00
sthen
701c91e413 kill VMEM_WARNING 2013-11-25 14:16:22 +00:00
bluhm
c1182f53ed update p5-IO-Socket-SSL to 1.960 
Supports TLSv11, TLSv12.  Uses more secure algorithms.
 2013-11-25 14:11:12 +00:00
jca
6aaefa0357 SECURITY update to gnupg-1.4.15, fixes CVE-2013-4402 (infinite recursion 
parsing compressed packets) and includes the patch we had for
CVE-2013-4242 (Yarom/Falkner flush+reload side-channel attack on RSA
secret keys already had a patch).  Input from and ok sthen@
 2013-11-16 20:29:00 +00:00
benoit
e558b79b2d Update to assl 1.5.0. 
from David Hill (maintainer).
 2013-11-13 19:41:02 +00:00
landry
b987467b49 SECURITY (f34r!) update to nss 3.15.3. 
Fixes CVE-2013-1739 (bug #894370) & CVE-2013-5605 (bug #934016)
Adds support for AES-GCM ciphersuites in 3.15.2 (#bug 880543)

See for more details:
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes
(the latter is not yet complete..)
 2013-11-13 10:02:47 +00:00
naddy
725de75f3a move http://www.gnu.org to https 2013-11-09 23:19:01 +00:00
zhuk
af08a11d08 Fix MODTCL_TCLSH_ADJ and MODTCL_WISH_ADJ. 
Review, input, okay and prodding to commit by stu@
 2013-11-09 18:22:02 +00:00
ajacoutot
0badbe03db Fix comment. 2013-11-08 15:26:05 +00:00
ajacoutot
42efd73dfa Drop bogus CONFIGURE_ARGS. 2013-11-08 10:44:30 +00:00
ajacoutot
e3edfdd3aa Remove SECURITY files. They have served their purpose in the past but 
have become pretty useless nowadays (and the pkg tools do not display
them anyway).
Some which contained valuable information have been turned into READMEs.

ok jasper@ sthen@
input/ok naddy@
 2013-11-07 07:08:59 +00:00
jca
7b70e464d5 Update to 0.14 which includes our changes (no other code change). 
While here:
- drop MAINTAINER per his request
- drop the unhelpful HOMEPAGE in favor of the default one coming with
  the cpan module
- install Crypt/OpenSSL/DSA/Signature.pod for symmetry between man(1)
  and perldoc(1)
- tests now use Digest::SHA which is in base
ok jasper@ (former maintainer)
 2013-11-06 09:05:25 +00:00
abieber
24b11f3986 bump to pick up the node libv8 change. 
OK sthen@
 2013-11-05 16:24:14 +00:00
ajacoutot
d515837275 Remove uneeded LIB_DEPENDS. 2013-11-05 15:46:07 +00:00
jca
1b028617c7 Maintenance update to version 0.06. Remove the unhelpful HOMEPAGE. 
ok sthen@
 2013-11-04 12:47:13 +00:00
jca
fd21c39401 Remove unhelpful HOMEPAGE and regen distinfo. ok sthen@ 2013-11-04 12:44:34 +00:00
jca
bcd515206c Update to 0.28, which includes the fix for perl 5.14+. No other code change. 
Use the (more useful) default HOMEPAGE from the cpan module while here, as
hinted by sthen@.  ok schwarze@ sthen@
 2013-11-03 22:14:06 +00:00
sthen
65e9d283d3 fix p5-Crypt-OpenSSL-RSA with Perl >=5.14, from rak at debian, see 
https://rt.cpan.org/Public/Bug/Display.html?id=65947
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628636
http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2011-May/211223.html

regen distinfo while there
 2013-11-03 14:58:22 +00:00
ajacoutot
d3360cfef6 Update to gnutls-3.2.6. 2013-11-03 00:31:20 +00:00
ajacoutot
04d17f1b94 -Wextra is supported by both our gcc. 2013-11-02 10:43:04 +00:00
benoit
789194b535 Update to py-paramiko 1.12.0. 2013-11-01 07:28:15 +00:00
sthen
27f03b1c52 bump REVISION for any ports using route messages. regen some distinfos and 
remove unnecessary USE_GROFFs while there.
 2013-10-31 21:12:12 +00:00
ajacoutot
6972a5b45b Human readable. 2013-10-31 20:07:59 +00:00
schwarze
92d95bf55d Do not run mandoc(1) at build time. 
Just install the mdoc(7) source code of the saslauthd(8) manual.
Also regenerate patch-saslauthd_configure.
Bump.

ok ajacoutot@
 2013-10-31 19:42:45 +00:00
benoit
8a37551002 +py-ecdsa 2013-10-30 16:35:11 +00:00
benoit
f9ca202f5e Import security/py-ecdsa 
This is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve
Digital Signature Algorithm), implemented purely in Python, released under
the MIT license. With this library, you can quickly create keypairs (signing
key and verifying key), sign messages, and verify the signatures. The keys
and signatures are very short, making them easy to handle and incorporate
into other protocols.

ok sthen@
 2013-10-30 15:24:54 +00:00
ajacoutot
f0f074dada Fix saslauthd man page display; noticed by aalm@ 
While here, add missing libgs2 (stupid make plist).
 2013-10-30 15:06:46 +00:00
dcoppa
272d4e472d Update to ccid-1.4.13 2013-10-28 15:11:04 +00:00
dcoppa
356ebf4360 Update to pcsc-lite-1.8.10 2013-10-28 15:10:25 +00:00
naddy
672ffe8ebb Don't pick up net/adns if it happens to be installed. ok pea@ 2013-10-27 13:47:50 +00:00
jeremy
e79a176be2 Bump all ruby gem ports supporting rbx FLAVOR due to change to rubinius 
gem directory when upgrading rubinius from 1.2.4 to 2.1.1.
 2013-10-26 23:55:34 +00:00
jca
bc67f7acc3 Committed upstream. 2013-10-25 13:49:52 +00:00
jca
2f973448f4 Forgotten in previous commit. 2013-10-24 15:43:57 +00:00
jca
3df624f906 Security fix for GNUTLS-SA-2013-3, 
GnuTLS Denial of Service vulnerability in DANE records processing.
(no CVE assigned yet)

ok aja@ (MAINTAINER)
 2013-10-24 15:42:08 +00:00
sthen
82b8ebc4e0 add a comment about use of gnu libtool 
prompted (indirectly ;) by a mail from aja@
 2013-10-23 17:50:38 +00:00
sthen
1dc37895d7 +libsodium 2013-10-23 12:08:08 +00:00
sthen
7ae527c412 import security/libsodium, ok benoit@ 
NaCl (pronounced "salt") is a new easy-to-use high-speed software library
for network communication, encryption, decryption, signatures, etc.
NaCl's goal is to provide all of the core operations needed to build
higher-level cryptographic tools.

Sodium is a fork of NaCl with a compatible API. Unlike NaCl, Sodium
performs checks for hardware features at runtime instead of compile time,
making it suitable for packaging.
 2013-10-23 12:07:52 +00:00
sthen
c4d9d2b279 Update to scanlogd 2.2.7, fixing an off-by-one bug in a safety check (only a 
minor impact in scanlogd), and cutting down the license a bit further,
see http://www.openwall.com/lists/announce/2013/10/21/1 for more.

While there, drop USE_GROFF and rearrange port into Makefile.template order.
 2013-10-23 10:10:56 +00:00
sthen
c193492c7c ClamAV 0.98 moved from libtommath to tomfastmath; however word-length detection 
is broken on !amd64 64-bit arch which invalidates assumptions in the code.
Workaround by taking a diff from clamav upstream. This fixes a problem reported
by Markus Lude where freshclam signature checks fail - researched by him and
port diff from him (I just added a bit of commentary to the patch file).
 2013-10-22 08:56:34 +00:00
naddy
d9d9ccbd06 Drop USE_GROFF since groff and mandoc produce identical output. 2013-10-18 11:29:41 +00:00
bluhm
e891f03167 update p5-IO-Socket-SSL to 1.955 2013-10-16 19:41:11 +00:00
naddy
06a9102560 Drop USE_GROFF since groff and mandoc produce identical output. 2013-10-11 23:48:03 +00:00
pascal
b919015e44 SECURITY update to GnuPG 2.0.22. Fixes CVE-2013-4402, see: 
http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html

ok pea@ (maintainer)
 2013-10-07 11:54:28 +00:00
naddy
9ea24770be no need for groff 2013-10-05 12:30:45 +00:00
dcoppa
a2a0464ede Bye bye MODPY_BADEGGS 2013-10-03 16:37:15 +00:00
ajacoutot
539eeef333 distfiles.bsdfrog.org: http -> https 2013-10-01 09:07:14 +00:00
sthen
84de7e7adb - fix gnuism in unit_tests/Makefile 
- allow running tests twice (don't fail if can't create symlink to python)

no pkg change
 2013-09-29 22:38:29 +00:00
ajacoutot
c611a41f46 Update to libpwquality-1.2.3. 2013-09-24 14:57:14 +00:00
ajacoutot
fe43e2a5a1 Update to p11-kit-0.20.1. 2013-09-24 08:06:56 +00:00
sthen
7c20710162 missing run dep; rpe@ 2013-09-23 14:05:21 +00:00
sthen
c753168019 +sslScanner, p5-Net-SSL-ExpireDate, p5-Crypt-OpenSSL-X509 2013-09-23 11:50:55 +00:00
sthen
90f8eda064 import ports/security/sslScanner, ok landry@ 
sslScanner is an open source Perl application which connects to a range
of hosts/ports which are running SSL based services such as HTTPS.
It then displays the certificate CN and how long is left until the
certificate expires. It also has a mode suitable for use from cron(8),
to alert on certificates expiring within a certain number of days.
 2013-09-23 11:49:45 +00:00
sthen
056bfd2b4a import ports/security/p5-Net-SSL-ExpireDate, ok landry@ 
Net::SSL::ExpireDate fetches a certificate from the network (SSL) or local
file, obtains its start and expiration dates, and allows validity to be
tested or dates to be returned.
 2013-09-23 11:49:21 +00:00
sthen
0c7c118d60 import ports/security/p5-Crypt-OpenSSL-X509, ok landry@ 
This Perl extension implements the majority of OpenSSL's X509 API.
 2013-09-23 11:48:55 +00:00
benoit
e2f83b2f10 Update py-paramiko to 1.11.1. 2013-09-21 06:11:48 +00:00
sthen
ba709626eb update to yubikey-personalization-gui-3.1.10 2013-09-20 21:19:40 +00:00
sthen
ad82cdda3c update to clamav 0.98: 
- signature improvements, performance improvements, support for new file
types including ISO9660, Flash, self-extracting 7z files

- more configurable limits

- callbacks added to API

while there, drop run dependency on zoo; clamav actually switched from zoo
to unzoo (which we don't have in ports) in 0.60(!) so this was doing nothing.
 2013-09-20 15:22:58 +00:00
ajacoutot
798d1f1962 Update to libassuan-2.1.1. 2013-09-17 11:10:01 +00:00
sthen
d7d281815f Replace "source ./vars" (bashism) with ". ./vars" in various files 
installed by easy-rsa. Found the hard way by Predrag Punosevac.
 2013-09-14 21:59:59 +00:00
sthen
836a7c1d81 update to clamav-unofficial-sigs-3.7.2 2013-09-09 22:09:58 +00:00
ajacoutot
b10ddb6f8e Update to gnutls-3.2.4. 2013-09-06 16:27:51 +00:00
ajacoutot
3d8d8cf06c Update to p11-kit-0.20.0. 2013-09-06 16:27:21 +00:00
ajacoutot
c2de9d8d58 Update to libgpg-error-1.12. 2013-09-06 16:25:06 +00:00
ajacoutot
23b354ad1a Build py-crypto,python3 2013-09-05 07:47:22 +00:00
sthen
50e8f03e81 tweaks for libnettle, from Juan Francisco Cantero Hurtado: 
- don't force -ggdb3

- don't use asm on arm, our toolchain can't handle it
(http://rhaalovely.net/build-failures/arm/20130730/security/libnettle.log)
 2013-09-03 13:53:47 +00:00
ajacoutot
7b341dfcc3 Update to libgcrypt-1.5.3. 2013-08-26 08:20:28 +00:00
zhuk
4f664d8b82 Fixup handling of FreeDesktop goo: desktop-file-utils, gtk-update-icon-cache 
and shared-mime-info. Found by portcheck.

A lot of input from and okay ajacoutot@
 2013-08-20 22:05:46 +00:00
pascal
2db9b7d854 Update to GnuPG 2.0.21. 
ok dcoppa@, maintainer timeout
 2013-08-20 20:01:30 +00:00
dcoppa
492f06c1db Explicitly link with -lpthread; tests, no bump needed. 2013-08-20 14:28:48 +00:00
stsp
ae981be712 Update pidgin-otr to version 4.0.0. ok pascal@ 2013-08-15 16:33:31 +00:00
stsp
c5653589d6 Update libotr to version 4.0.0. Supports version 3 of the OTR protocol, 
which most importantly adds support for multiple simultaneously logged-in
instances of the same user account.
ok pascal@
 2013-08-15 16:33:22 +00:00
naddy
fb935bc764 remove (time_t)timeval.tv_sec casts now that tv_sec has type time_t 2013-08-15 14:58:45 +00:00
pascal
b5494e6708 add comment about ports that need to be adapted to the new libotrv4 API when 
updating.
 2013-08-14 14:17:28 +00:00
abieber
3a099ac12f bump revision to catch the gyp fix 
OK nigel@
 2013-08-13 21:18:09 +00:00
dcoppa
3fedf5890d Update to ccid-1.4.12. 2013-08-13 09:46:54 +00:00
rpe
78a8551c23 add pwsafe,no_x11 2013-08-12 22:24:01 +00:00
rpe
665318a6a2 - add no_x11 FLAVOR so it's usable on hosts with no X sets installed 
- be a bit more verbose in updated DESCR
- bump REVISION

'Sure, why not' aja@, sthen@
 2013-08-12 21:55:35 +00:00
benoit
b3a7890e7e Update py-paramiko to 1.11.0. 2013-08-11 10:20:03 +00:00
rpointel
e17019ffb8 oops, add pthread to WANTLIB... 2013-08-09 19:26:56 +00:00
rpointel
e63340b418 Update libssh to 0.5.5. 
ok aja@
 2013-08-09 19:14:50 +00:00
naddy
8019c3b106 fix FULLPKGNAME abuse, revealed by REVISION bump 2013-08-09 11:23:25 +00:00
bluhm
5d6ea09c64 update p5-IO-Socket-SSL to 1.953 2013-08-08 22:37:45 +00:00
bluhm
ea78e22df6 update p5-Net-SSLGlue to 1.04 2013-08-08 22:18:18 +00:00
naddy
2394f51acd move http://github.com and http://bitbucket.org to https 
suggested by bentley@
 2013-08-07 21:57:40 +00:00
naddy
c2832a1290 move http://code.google.com, *.googlecode.com, and sites.google.com to https 
suggested by bentley@
 2013-08-07 21:31:12 +00:00
jasper
45606ac347 Security fix for CVE-2013-4242 GnuPG side-channel attack on RSA secret keys 
ok pea@ sthen@
 2013-08-06 19:28:57 +00:00
jasper
24eb27a090 Security fix for CVE-2013-4242 GnuPG side-channel attack on RSA secret keys 
ok pea@ sthen@
 2013-08-06 19:22:10 +00:00
rpointel
a8757fe45b +py-pefile 2013-08-06 19:20:54 +00:00
rpointel
06d5101b06 Import pefile. 
pefile is a multi-platform Python module to read and work with Portable
Executable (aka PE) files. Most of the information in the PE Header is
accessible, as well as all the sections, section's information and data.

ok landry@ (thanks).
 2013-08-06 19:20:09 +00:00
gsoares
814cac8ad6 luasec is now hosted on github 
pointed out by jasper@
 2013-08-06 19:11:54 +00:00
ajacoutot
a01e5c8ed3 Update to p11-kit 0.18.5. 2013-08-06 19:07:00 +00:00
ajacoutot
bb482d60fc Update to gnutls 3.2.3. 2013-08-06 19:06:37 +00:00
kili
052dc8986a Update to 4.2.5.1. 2013-07-18 22:32:09 +00:00
bentley
0d107ee995 Update jung@'s contact info in all ports. Drop spe and ddclient per request. 
ok jung@
 2013-07-17 03:27:01 +00:00
sthen
579a4c4957 remove commented-out entries for Doppelstern in default configs; 
db will be going away.
 2013-07-16 15:57:38 +00:00
espie
2f7aaf0176 let vax find gpg-error, maybe it will build 2013-07-15 20:47:01 +00:00
bluhm
5391cb32d7 update p5-IO-Socket-SSL to 1.952 2013-07-14 23:24:20 +00:00
jca
49d9c2c78e Introduce MASTER_SITES_GNUPG and reuse it for various GnuPG 
(sub)projects.  http:// urls first, then the primary ftp
site for ''make peek-ftp'', as suggested by sthen@.
ok sthen@
 2013-07-12 00:49:23 +00:00
dcoppa
3d1fda1069 This is better. 2013-07-10 15:13:00 +00:00
dcoppa
1a61cbf74f Revert previous. 
As explained by aja@, we do not set NO_TEST when a test target
exists, even when it does nothing.
 2013-07-10 14:15:51 +00:00
dcoppa
974b1f5e2a Add TEST* glue. 2013-07-10 13:47:30 +00:00
dcoppa
d2cbc3f7ac Add NO_TEST=Yes 2013-07-10 13:42:39 +00:00
espie
740e26f805 revert change THAT LOSES INFORMATION. 2013-07-08 10:31:01 +00:00
espie
fea5856478 revert stupid change 2013-07-08 10:29:37 +00:00
brad
7252215a3f change depends to how they were before rev 1.2. no functional change. 2013-07-08 04:29:09 +00:00
brad
dd8f79ec72 change depends to how they were before rev 1.14. no functional change. 2013-07-08 04:17:01 +00:00
espie
1a14efe846 fix on vax 2013-07-06 08:32:06 +00:00
espie
b1ca94d708 fix depends for !shared 2013-07-06 08:30:28 +00:00
jasper
2e80eecc12 use ${VARBASE} instead of hardcoding /var 2013-07-05 07:44:59 +00:00
bluhm
3fc4c67b41 update p5-IO-Socket-SSL to 1.951 2013-07-05 02:22:51 +00:00
landry
54936ef081 Update to nss 3.15.1, adds support for TLS 1.2. Will be required at some 
point by newer geckos...

see https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.1_release_notes
 2013-07-04 08:36:55 +00:00
espie
6cd28b2069 grumble, thx fgs@ 2013-07-02 16:20:25 +00:00
espie
e9bba84c13 LIB_DEPENDS don't propagate 2013-07-02 08:09:43 +00:00
benoit
d27f62aaa8 Update assl to 1.4.1. 
from David Hill (maintainer)
 2013-07-02 06:10:55 +00:00
jasper
91fb99f583 remove metasploit, the open source version is unmaintained upstream and 
this port hadn't had much love in recent years.

as discussed with and OK stephan@ (MAINTAINER)
 2013-07-01 16:51:02 +00:00
jasper
93a36cbda2 +ruby-hmac 2013-07-01 16:47:15 +00:00
jasper
3120fe588c import ruby-hmac-0.4.0 
This module provides common interface to HMAC functionality. HMAC is a
kind of "Message Authentication Code" (MAC) algorithm whose standard is
documented in RFC2104. Namely, a MAC provides a way to check the
integrity of information transmitted over or stored in an unreliable
medium, based on a secret key.

ok aja@
 2013-07-01 16:46:45 +00:00
jeremy
3364626bcb Build ruby 2.0 versions of ruby C extensions. Use explicit FLAVORs 
in the category Makefiles for ruby C extensions, to reduce churn
when the default ruby version changes,
 2013-06-29 15:56:10 +00:00
sthen
2d917503dd add some ports to category Makefiles which were not linked, but which do not 
have "not yet linked to the build" etc. in the commit log.

devel/hs-simple-sendfile
devel/jenkins
security/p5-Mozilla-CA
sysutils/uptimed
textproc/p5-Encode-Locale
www/p5-IO-HTML
www/webgui
 2013-06-29 09:33:08 +00:00
espie
35025ef1a4 configure from the tool itself says: 
configure: error: p11-kit cannot be used as a static library

so don't waste time
 2013-06-28 12:36:31 +00:00
ajacoutot
8f1ce8ad51 Update to gringotts-1.2.10. 
ok pea@ (maintainer)
 2013-06-24 06:14:21 +00:00
landry
665aa1b119 Update to nss 3.15. 
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15_release_notes

After years of sticking to CVS, upstream finally switched to hg,
changing its directory layout while here. All our patches are actually
unchanged, but got renamed/moved. CVS doesn't handle moves :)

Tested in an amd64 bulk build.
 2013-06-23 18:40:01 +00:00
ajacoutot
d92e1e19af Drop unused CONFIGURE_ARGS. 2013-06-23 10:04:47 +00:00
ajacoutot
07c0094289 Merge PLISTs. 
Regen WANTLIB.
 2013-06-23 09:55:11 +00:00